CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50564 – s390/netiucv: Fix return type of netiucv_tx()
https://notcve.org/view.php?id=CVE-2022-50564
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/netiucv: Fix return type of netiucv_tx() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A proposed warning in clang aims to catch these at ... • https://git.kernel.org/stable/c/dc1f8bf68b311b1537cb65893430b6796118498a •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50563 – dm thin: Fix UAF in run_timer_softirq()
https://notcve.org/view.php?id=CVE-2022-50563
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in run_timer_softirq() When dm_resume() and dm_destroy() are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in __run_timers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50562 – tpm: acpi: Call acpi_put_table() to fix memory leak
https://notcve.org/view.php?id=CVE-2022-50562
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpi_put_table() to fix memory leak The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpi_get_table() to get the ACPI information, but the acpi_get_table() should be coupled with acpi_put_table() to release the ACPI memory, add the acpi_put_table() properly to fix the memory leak. While we are at it, remove the redundant empty line at the end of the tpm_read_log_acpi(). In the Linux... • https://git.kernel.org/stable/c/0bfb23746052168620c5b52f49d8a47c3bb022fa • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50561 – iio: fix memory leak in iio_device_register_eventset()
https://notcve.org/view.php?id=CVE-2022-50561
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: fix memory leak in iio_device_register_eventset() When iio_device_register_sysfs_group() returns failed, iio_device_register_eventset() needs to free attrs array. Otherwise, kmemleak would scan & report memory leak as below: unreferenced object 0xffff88810a1cc3c0 (size 32): comm "100-i2c-vcnl302", pid 728, jiffies 4295052307 (age 156.027s) backtrace: __kmalloc+0x46/0x1b0 iio_device_register_eventset at drivers/iio/industrialio-event.c:... • https://git.kernel.org/stable/c/32f171724e5cbecc80594fb6eced057cfdd6eb6f •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50560 – drm/meson: explicitly remove aggregate driver at module unload time
https://notcve.org/view.php?id=CVE-2022-50560
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/meson: explicitly remove aggregate driver at module unload time Because component_master_del wasn't being called when unloading the meson_drm module, the aggregate device would linger forever in the global aggregate_devices list. That means when unloading and reloading the meson_dw_hdmi module, component_add would call into try_to_bring_up_aggregate_device and find the unbound meson_drm aggregate device. This would in turn dereference s... • https://git.kernel.org/stable/c/bbbe775ec5b5dace43a35886da9924837da09ddd •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50559 – clk: imx: scu: fix memleak on platform_device_add() fails
https://notcve.org/view.php?id=CVE-2022-50559
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platform_device_add() fails No error handling is performed when platform_device_add() fails. Add error processing before return, and modified the return value. In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platform_device_add() fails No error handling is performed when platform_device_add() fails. Add error processing before return, and modified the return val... • https://git.kernel.org/stable/c/77d8f3068c63ee0983f0b5ba3207d3f7cce11be4 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50558 – regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode
https://notcve.org/view.php?id=CVE-2022-50558
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode Commit faa87ce9196d ("regmap-irq: Introduce config registers for irq types") added the num_config_regs, then commit 9edd4f5aee84 ("regmap-irq: Deprecate type registers and virtual registers") suggested to replace num_type_reg with it. However, regmap_add_irq_chip_fwnode wasn't modified to use the new property. Later on, commit 255a03bb1bb3 ("ASoC: wcd9335: Conver... • https://git.kernel.org/stable/c/faa87ce9196dbb074d75bd4aecb8bacf18f19b4e • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50557 – pinctrl: thunderbay: fix possible memory leak in thunderbay_build_functions()
https://notcve.org/view.php?id=CVE-2022-50557
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: thunderbay: fix possible memory leak in thunderbay_build_functions() The thunderbay_add_functions() will free memory of thunderbay_funcs when everything is ok, but thunderbay_funcs will not be freed when thunderbay_add_functions() fails, then there will be a memory leak, so we need to add kfree() when thunderbay_add_functions() fails to fix it. In addition, doing some cleaner works, moving kfree(funcs) from thunderbay_add_functions... • https://git.kernel.org/stable/c/12422af8194df85243d68b11f8783de9d01e58dc •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50556 – drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
https://notcve.org/view.php?id=CVE-2022-50556
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() drmm_mode_config_init() will call drm_mode_create_standard_properties() and won't check the ret value. When drm_mode_create_standard_properties() failed due to alloc, property will be a NULL pointer and may causes the null-ptr-deref. Fix the null-ptr-deref by adding the ret value check. Found null-ptr-deref while testing insert module bochs: general protection fault, probably ... • https://git.kernel.org/stable/c/6b4959f43a04e12d39c5700607727f2cbcfeac31 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-40016 – media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID
https://notcve.org/view.php?id=CVE-2025-40016
20 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. ``` Each Unit and Terminal within the video function is assigned a unique identification number, the Unit ID (UID) or Terminal ID (TID), contained in the bUnitID or bTerminalID field of the descriptor. The value 0x00 is reserved for undefined ID, ``` If we add a new entity with id 0 or a ... • https://git.kernel.org/stable/c/a3fbc2e6bb05a3b1ea341cd29dea09b4a033727b •